disable 2FA according to config
2FA is disabled for superadmin unless `SUPER_ADMIN_OTP_ENABLED` is equal to `enabled` (default value)
This commit is contained in:
parent
ef970dbfe5
commit
6af01077b6
3 changed files with 10 additions and 5 deletions
|
@ -27,8 +27,12 @@
|
|||
class SuperAdmin < ApplicationRecord
|
||||
include PasswordComplexityConcern
|
||||
|
||||
devise :rememberable, :trackable, :validatable, :lockable, :recoverable,
|
||||
:two_factor_authenticatable, :otp_secret_encryption_key => Rails.application.secrets.otp_secret_key
|
||||
devise :rememberable, :trackable, :validatable, :lockable, :recoverable
|
||||
if SUPER_ADMIN_OTP_ENABLED
|
||||
devise :two_factor_authenticatable, :otp_secret_encryption_key => Rails.application.secrets.otp_secret_key
|
||||
else
|
||||
devise :database_authenticatable
|
||||
end
|
||||
|
||||
def enable_otp!
|
||||
self.otp_secret = SuperAdmin.generate_otp_secret
|
||||
|
|
|
@ -12,8 +12,9 @@
|
|||
= f.label :password, "Mot de passe (#{PASSWORD_MIN_LENGTH} caractères minimum)"
|
||||
= f.password_field :password, autocomplete: 'current-password'
|
||||
|
||||
= f.label :otp_attempt, 'Code OTP (uniquement si vous avez déjà activé 2FA)'
|
||||
= f.text_field :otp_attempt
|
||||
- if SUPER_ADMIN_OTP_ENABLED
|
||||
= f.label :otp_attempt, 'Code OTP (uniquement si vous avez déjà activé 2FA)'
|
||||
= f.text_field :otp_attempt
|
||||
|
||||
%p= link_to "Mot de passe oublié ou réinitialisation 2FA ?", new_super_admin_password_path, class: "link"
|
||||
= f.submit "Se connecter", class: "fr-btn fr-btn--lg"
|
||||
|
|
|
@ -237,7 +237,7 @@ Devise.setup do |config|
|
|||
# change the failure app, you can configure them inside the config.warden block.
|
||||
#
|
||||
config.warden do |manager|
|
||||
manager.default_strategies(:scope => :administration).unshift :two_factor_authenticatable
|
||||
manager.default_strategies(:scope => :administration).unshift :two_factor_authenticatable if SUPER_ADMIN_OTP_ENABLED
|
||||
end
|
||||
|
||||
# ==> Mountable engine configurations
|
||||
|
|
Loading…
Reference in a new issue